Exploit Shield
An exploit (from the same word in the French language, meaning “achievement”, or “accomplishment”) is a piece of software, a chunk of data, or sequence of commands that take advantage of a bug, glitch or vulnerability in order to cause unintended or unanticipated behavior to occur on computer software, hardware, or something electronic (usually computerized). This frequently includes such things as violently gaining control of a computer system or allowing privilege escalation or a denial of service attack. (Wikipedia)
Eleven days ago Microsoft did a disclosure on the MS09-002. Seven days later we already had a proof of concept that was used in the wild, and today having even the Metasploit exploit.
Eleven days have passed, did you patch the vulnerability? Most of the users will not have it patched too soon, even if it comes with the automatic updates. Many just simply have automatic updates turned off. Even so, there are some patches which take a long time to be released, for example the MS08-078 patch did take a while to be released.
And here comes in Exploit Shield an application which will protect your from browser based exploits (either IE or Firefox), but don’t over trust it, as soon as a patch comes out you should fix the vulnerability.
Exploit Shield is designed to shield Web browsers between the development of an exploit and the release of the vendor’s patch.
Exploit Shield posses the following functionality: Zero Day Defense, Patch-Equivalent Protection, Proactive Measures, Protects Against All Websites and Automatic Feedback.
But does it work? Of course it does, check out the detection of a MS09-002 based exploit which was catched by the heuristics incorporated in the software.
It’s also a program that would be useful when researching/coding such exploits, although the automatic submission should be disabled in that case (*grin*).
If you haven’t got it yet, you can download it from here.
